Tech Friday

posted by Brian Thomas - 

  • Fitbit helps catch a killer:
    • The “Quantified Self” movement continues to grow and the use of fitness trackers like Fitbit is rising
    • These devices can provide great feedback and motivation to keep you moving, but can have unforeseen and unanticipated consequences
    • You can think of these devices as “black boxes” for the human body, and they track a variety of metrics including steps, miles, minutes of activity, minutes of sleep, heart rate, etc.
    • Once again, a fitness tracker has been used to capture a criminal
    • 90-year old Tony Aiello was arrested on suspicion of murdering his 67-year-old stepdaughter Karen Navarra
    • Police said Navarra was found in a chair with her throat cut and a knife in her hand
    • Investigators said the scene appeared to be a staged suicide
    • An autopsy revealed additional wounds and doctors classified the case as a homicide
    • Aiello told San Jose police that he dropped off pizza at Navarra's house, and that he was outside his own home a few hours later where he witnessed her drive by with a passenger
    • Nearby surveillance cameras captured Aiello's car at Navarra’s home for at least 21 minutes that day, but they did not show her car leaving
    • Navarra was wearing a Fitbit at the time of her death. Investigators consulted with Fitbit and found that her device showed that Navarra's heart rate spiked at 3:20 pm and then rapidly slowed to a complete stop at 3:28 pm
    • Police later found bloody clothes in his hamper
    • This is not the first case where activity tracker data has been used in criminal and civil cases, there are many examples:
      • A Connecticut man was arrested after his wife’s Fitbit data showed her last movements were more than an hour after he said she had been killed by intruders

      • Police in Lancaster County, PA used Fitbit data to determine that a 43-year-old woman who filed a report about being attacked in her home was lying
      • A law firm in Calgary used activity data in a personal injury case to illustrate how an accident impacted their client
    • As more devices get "smart", the data they collect will increasingly be used in criminal and civil cases
  • The latest on Facebook's most recent data breach:
    • Facebook announced that a breach discovered on September 25 impacted roughly 50 million user accounts
    • In this case, a vulnerability allowed attackers to directly take over user accounts giving them access to everything in a victim's profile
    • Facebook began an investigation on September 16 as the result of an unusual spike in Facebook usage
    • On the 25th, engineers discovered that hackers exploited a series of bugs in the "View As" feature, which allows users to experience how their profile appears to another person
    • The flaws allowed attackers to steal access tokens which allow you to remain logged into Facebook as well as access tokens for people being searched for
    • Guy Rosen, Facebook’s Vice President of Product, said "This is a complex interaction of multiple bugs"
    • The flaw that enabled the attack has been patched. Mark Zuckerberg said "We were able to fix the vulnerability and secure the accounts, but it definitely is an issue that it happened in the first place."
    • Facebook automatically logged out 90 million users from their accounts last Friday morning, which covered the 50 million users known to be impacted and an additional 40 million that potentially could have been affected
    • The logouts reset the access tokens of both those directly affected and any other accounts where the View As feature has been used in the last year
    • Facebook has temporarily turned off View As feature
    • Facebook also reported that 3rd-party sites accessed using a Facebook account could be affected
    • Impacted users should see a message at the top of their News Feed when they login in again for the first time. The message includes a prompt to click for additional details
    • You can check out your security settings and logout of any open sessions here: https://www.facebook.com/settings?tab=security
    • It would be a good idea to also change your password and enable two factor authentication (2FA)
  • Facebook is using your phone number for ads:
    • I regularly suggest using two-factor authentication (2FA) because it makes breaking into an account more difficult. In most cases, is a good thing
    • But maybe not always. Facebook has shown once again that they can't be trusted with your information
    • Researchers from Northeastern University and Princeton University found Facebook has been adding these numbers to data that it uses to target people with advertising
    • Until now, it's not been clear which personally identifiable information (PII) Facebook uses from its various services for ad targeting
    • Gizmodo calls this "shadow contact information"
    • Facebook doesn’t state that it does this, but appears to have admitted it in an article where they tell users "Opt out of this ad-based re-purposing of their security digits by not using phone number based 2FA". You can read that article here: https://techcrunch.com/2018/09/27/yes-facebook-is-using-your-2fa-phone-number-to-target-you-with-ads/
    • It is beyond the pale for Facebook to monetize information you provide for security purposes
    • This is yet another reason to consider leaving Facebook or at-least drastically reducing your Facebook footprint
    • One option is to use an authentication app rather than text (SMS) based 2FA. Get more details here: https://www.facebook.com/help/358336074294704?helpref=faq_content
    • You should also disable the feature that allows you to use Facebook to log into other sites if you're still using it. You can check it here: https://www.facebook.com/settings?tab=applications
Brian Thomas

Brian Thomas

Based in Cincinnati, OH, the Brian Thomas Morning Show covers news and politics, both local and national, from a conservative point of view. Read more

title

Content Goes Here